Azure - Container Instances: Best Practice

azure cloud container devops

This post guides through best practice approaches concerning the deployment of Azure Container Instances

aci_conncet_container

Introduction

I’ve tried the service Azure Container Instances for the very first time at the starting point of an attempt to get Container, which are hosted on premise, to a running state within the Azure Cloud. Finally, for getting a successfull deployment of the ACI, I was facing some obstacles and the intention of this post is to summarize a best practice approach (at least it worked for me) of this service including all pitfalls I’ve faced.

Prerequisites

According to be well prepared, there is IMHO just a simple rule to consider: If you are capable of pulling your Container Image and getting your Container in a running state outside of your usual network or if you are able to push your Container Image to an Azure Container Registry, then nothing more can block your establishment of an Azure Container Instance deployment. Also be aware of any prerequistes, which you need to run your e.g.: application inside the Container, e.g.: License Server, Shares, etc…

Btw.: Taking into account that you’ve a proper Azure subscription available ;)

Choice of the Container Registry

You can dedicde whether you’d like to access your Container Image from a private or public Container Registry - in case of the private Registry ensure you get the proper credentials and that the necessary permissions (read/write) are set. Another option would be to choose the Container Registry of Azure - the Azure Container Registry

https://azure.microsoft.com/en-us/services/container-registry/

Private Container Registry vs. Azure Container Registry

Reasons for using a Private Container Registry

Reasons for using the Azure Container Registry

Azure Container Instances Deployment Step by Step

Example Container Image

I’ve prepared a self-made Container Image, which will be used for creating an Azure Container Instance. It is available at my own Container Registry “patricksregistry” (see picture below). The Container is Windows based and after running it, a simple http-request to this webside is done (can be observed at the logs).

The content of the Dockefile can be seen in the snippet below:

FROM mcr.microsoft.com/dotnet/framework/runtime:4.8-windowsservercore-ltsc2019

WORKDIR "C:/Scripts"

ADD "Scripts/Start.ps1" "C:/Scripts"

ENTRYPOINT powershell -File Start.ps1

The mentioned http-request in implemented within the “Start.ps1” Powershell script.

aci_acr

The corresponding Dockerfile can be downloaded at:

https://github.com/patkoch/blog-files/tree/master/post6

Basics

Let’s start to create a Container Instance within Azure, by using the simple Example Container Image.

After choosing the Container Instances from the Azure Portal:

aci_create

the Azure Portal already suggests to use some available Quickstart images (see picture below).

aci_create

In addition if *Docker Hub or other registry" was selected: in that case you again have to distinguish whether the source of your Container Image is a public or a private registry. For the second choice, you’ve to provide the proper values for the login server and the corresponding user name and password, which can be seen below:

aci_create

Let’s insert the proper data related to my Example Container Image: I’m going to name the Container Instance “patrickscontainerinstance”, which is stored - of course - at my own mentioned Container Registry named “patricksregistry. The Image is named “patricksrepo/containerpost06”, the Image Tag is “firstversion”. As OS type, I’ve to choose “Windows”. As the Container Image is managed at an “Azure Container Registry”, I don’t have to provide some credentials.

aci_patrickscontainer

Networking

The next tab Networking provides a form to enter ports, which you’d like to reveal and whether your Container should get an IP address or not. I suggest to choose “public”, so that the Container gets an IP. If the Container needs to access e.g.: a File share, this won’t work without choosing “public” (“private” option does not work for Windows Container).

aci_networking

Advanced

At this section, you’ve to provide the proper Command override command string. According to my Example Container, it fits by providing following information:

The documentaton for the Command override can be found here:

https://docs.microsoft.com/en-us/azure/container-instances/container-instances-start-command

aci_advanced

The working Command override string for my Container can be seen below:

[ "powershell", "C:/Scripts/Start.ps1" ]

Deployment

After applying the settings and waiting for a few minutes for getting the image pulled, the Azure Container Instance is ready.

aci_deployment_complete
aci_connect_container

You can access the Container by choosing “Connect” and entering “cmd” (for Windows Container), respectively by choosing “Logs” you’d see the related outputs, which are implemented within the Powershell Script File “Start.ps1”

aci_connect_container

Conclusion

From my point of view, using Azure Container Instances is a good idea if:

and it is not a good idea if:

Microsoft: Azure Container Instances

Microsoft: Azure Container Instances: Container Instances Start Command